key.c revision b5c34f662a3519d34f9634a14d8de638fdbe0ca3
1/* 2 * Copyright 2002-2005, Instant802 Networks, Inc. 3 * Copyright 2005-2006, Devicescape Software, Inc. 4 * Copyright 2006-2007 Jiri Benc <jbenc@suse.cz> 5 * Copyright 2007-2008 Johannes Berg <johannes@sipsolutions.net> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License version 2 as 9 * published by the Free Software Foundation. 10 */ 11 12#include <linux/if_ether.h> 13#include <linux/etherdevice.h> 14#include <linux/list.h> 15#include <linux/rcupdate.h> 16#include <linux/rtnetlink.h> 17#include <linux/slab.h> 18#include <net/mac80211.h> 19#include "ieee80211_i.h" 20#include "driver-ops.h" 21#include "debugfs_key.h" 22#include "aes_ccm.h" 23#include "aes_cmac.h" 24 25 26/** 27 * DOC: Key handling basics 28 * 29 * Key handling in mac80211 is done based on per-interface (sub_if_data) 30 * keys and per-station keys. Since each station belongs to an interface, 31 * each station key also belongs to that interface. 32 * 33 * Hardware acceleration is done on a best-effort basis for algorithms 34 * that are implemented in software, for each key the hardware is asked 35 * to enable that key for offloading but if it cannot do that the key is 36 * simply kept for software encryption (unless it is for an algorithm 37 * that isn't implemented in software). 38 * There is currently no way of knowing whether a key is handled in SW 39 * or HW except by looking into debugfs. 40 * 41 * All key management is internally protected by a mutex. Within all 42 * other parts of mac80211, key references are, just as STA structure 43 * references, protected by RCU. Note, however, that some things are 44 * unprotected, namely the key->sta dereferences within the hardware 45 * acceleration functions. This means that sta_info_destroy() must 46 * remove the key which waits for an RCU grace period. 47 */ 48 49static const u8 bcast_addr[ETH_ALEN] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; 50 51static void assert_key_lock(struct ieee80211_local *local) 52{ 53 lockdep_assert_held(&local->key_mtx); 54} 55 56static struct ieee80211_sta *get_sta_for_key(struct ieee80211_key *key) 57{ 58 if (key->sta) 59 return &key->sta->sta; 60 61 return NULL; 62} 63 64static int ieee80211_key_enable_hw_accel(struct ieee80211_key *key) 65{ 66 struct ieee80211_sub_if_data *sdata; 67 struct ieee80211_sta *sta; 68 int ret; 69 70 might_sleep(); 71 72 if (!key->local->ops->set_key) 73 goto out_unsupported; 74 75 assert_key_lock(key->local); 76 77 sta = get_sta_for_key(key); 78 79 /* 80 * If this is a per-STA GTK, check if it 81 * is supported; if not, return. 82 */ 83 if (sta && !(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE) && 84 !(key->local->hw.flags & IEEE80211_HW_SUPPORTS_PER_STA_GTK)) 85 goto out_unsupported; 86 87 sdata = key->sdata; 88 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) { 89 /* 90 * The driver doesn't know anything about VLAN interfaces. 91 * Hence, don't send GTKs for VLAN interfaces to the driver. 92 */ 93 if (!(key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE)) 94 goto out_unsupported; 95 sdata = container_of(sdata->bss, 96 struct ieee80211_sub_if_data, 97 u.ap); 98 } 99 100 ret = drv_set_key(key->local, SET_KEY, sdata, sta, &key->conf); 101 102 if (!ret) { 103 key->flags |= KEY_FLAG_UPLOADED_TO_HARDWARE; 104 return 0; 105 } 106 107 if (ret != -ENOSPC && ret != -EOPNOTSUPP) 108 wiphy_err(key->local->hw.wiphy, 109 "failed to set key (%d, %pM) to hardware (%d)\n", 110 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret); 111 112 out_unsupported: 113 switch (key->conf.cipher) { 114 case WLAN_CIPHER_SUITE_WEP40: 115 case WLAN_CIPHER_SUITE_WEP104: 116 case WLAN_CIPHER_SUITE_TKIP: 117 case WLAN_CIPHER_SUITE_CCMP: 118 case WLAN_CIPHER_SUITE_AES_CMAC: 119 /* all of these we can do in software */ 120 return 0; 121 default: 122 return -EINVAL; 123 } 124} 125 126static void ieee80211_key_disable_hw_accel(struct ieee80211_key *key) 127{ 128 struct ieee80211_sub_if_data *sdata; 129 struct ieee80211_sta *sta; 130 int ret; 131 132 might_sleep(); 133 134 if (!key || !key->local->ops->set_key) 135 return; 136 137 assert_key_lock(key->local); 138 139 if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE)) 140 return; 141 142 sta = get_sta_for_key(key); 143 sdata = key->sdata; 144 145 if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) 146 sdata = container_of(sdata->bss, 147 struct ieee80211_sub_if_data, 148 u.ap); 149 150 ret = drv_set_key(key->local, DISABLE_KEY, sdata, 151 sta, &key->conf); 152 153 if (ret) 154 wiphy_err(key->local->hw.wiphy, 155 "failed to remove key (%d, %pM) from hardware (%d)\n", 156 key->conf.keyidx, sta ? sta->addr : bcast_addr, ret); 157 158 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 159} 160 161void ieee80211_key_removed(struct ieee80211_key_conf *key_conf) 162{ 163 struct ieee80211_key *key; 164 165 key = container_of(key_conf, struct ieee80211_key, conf); 166 167 might_sleep(); 168 assert_key_lock(key->local); 169 170 key->flags &= ~KEY_FLAG_UPLOADED_TO_HARDWARE; 171 172 /* 173 * Flush TX path to avoid attempts to use this key 174 * after this function returns. Until then, drivers 175 * must be prepared to handle the key. 176 */ 177 synchronize_rcu(); 178} 179EXPORT_SYMBOL_GPL(ieee80211_key_removed); 180 181static void __ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, 182 int idx, bool uni, bool multi) 183{ 184 struct ieee80211_key *key = NULL; 185 186 assert_key_lock(sdata->local); 187 188 if (idx >= 0 && idx < NUM_DEFAULT_KEYS) 189 key = sdata->keys[idx]; 190 191 if (uni) 192 rcu_assign_pointer(sdata->default_unicast_key, key); 193 if (multi) 194 rcu_assign_pointer(sdata->default_multicast_key, key); 195 196 ieee80211_debugfs_key_update_default(sdata); 197} 198 199void ieee80211_set_default_key(struct ieee80211_sub_if_data *sdata, int idx, 200 bool uni, bool multi) 201{ 202 mutex_lock(&sdata->local->key_mtx); 203 __ieee80211_set_default_key(sdata, idx, uni, multi); 204 mutex_unlock(&sdata->local->key_mtx); 205} 206 207static void 208__ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, int idx) 209{ 210 struct ieee80211_key *key = NULL; 211 212 assert_key_lock(sdata->local); 213 214 if (idx >= NUM_DEFAULT_KEYS && 215 idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) 216 key = sdata->keys[idx]; 217 218 rcu_assign_pointer(sdata->default_mgmt_key, key); 219 220 ieee80211_debugfs_key_update_default(sdata); 221} 222 223void ieee80211_set_default_mgmt_key(struct ieee80211_sub_if_data *sdata, 224 int idx) 225{ 226 mutex_lock(&sdata->local->key_mtx); 227 __ieee80211_set_default_mgmt_key(sdata, idx); 228 mutex_unlock(&sdata->local->key_mtx); 229} 230 231 232static void __ieee80211_key_replace(struct ieee80211_sub_if_data *sdata, 233 struct sta_info *sta, 234 bool pairwise, 235 struct ieee80211_key *old, 236 struct ieee80211_key *new) 237{ 238 int idx; 239 bool defunikey, defmultikey, defmgmtkey; 240 241 if (new) 242 list_add(&new->list, &sdata->key_list); 243 244 if (sta && pairwise) { 245 rcu_assign_pointer(sta->ptk, new); 246 } else if (sta) { 247 if (old) 248 idx = old->conf.keyidx; 249 else 250 idx = new->conf.keyidx; 251 rcu_assign_pointer(sta->gtk[idx], new); 252 } else { 253 WARN_ON(new && old && new->conf.keyidx != old->conf.keyidx); 254 255 if (old) 256 idx = old->conf.keyidx; 257 else 258 idx = new->conf.keyidx; 259 260 defunikey = old && sdata->default_unicast_key == old; 261 defmultikey = old && sdata->default_multicast_key == old; 262 defmgmtkey = old && sdata->default_mgmt_key == old; 263 264 if (defunikey && !new) 265 __ieee80211_set_default_key(sdata, -1, true, false); 266 if (defmultikey && !new) 267 __ieee80211_set_default_key(sdata, -1, false, true); 268 if (defmgmtkey && !new) 269 __ieee80211_set_default_mgmt_key(sdata, -1); 270 271 rcu_assign_pointer(sdata->keys[idx], new); 272 if (defunikey && new) 273 __ieee80211_set_default_key(sdata, new->conf.keyidx, 274 true, false); 275 if (defmultikey && new) 276 __ieee80211_set_default_key(sdata, new->conf.keyidx, 277 false, true); 278 if (defmgmtkey && new) 279 __ieee80211_set_default_mgmt_key(sdata, 280 new->conf.keyidx); 281 } 282 283 if (old) 284 list_del(&old->list); 285} 286 287struct ieee80211_key *ieee80211_key_alloc(u32 cipher, int idx, size_t key_len, 288 const u8 *key_data, 289 size_t seq_len, const u8 *seq) 290{ 291 struct ieee80211_key *key; 292 int i, j, err; 293 294 BUG_ON(idx < 0 || idx >= NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS); 295 296 key = kzalloc(sizeof(struct ieee80211_key) + key_len, GFP_KERNEL); 297 if (!key) 298 return ERR_PTR(-ENOMEM); 299 300 /* 301 * Default to software encryption; we'll later upload the 302 * key to the hardware if possible. 303 */ 304 key->conf.flags = 0; 305 key->flags = 0; 306 307 key->conf.cipher = cipher; 308 key->conf.keyidx = idx; 309 key->conf.keylen = key_len; 310 switch (cipher) { 311 case WLAN_CIPHER_SUITE_WEP40: 312 case WLAN_CIPHER_SUITE_WEP104: 313 key->conf.iv_len = WEP_IV_LEN; 314 key->conf.icv_len = WEP_ICV_LEN; 315 break; 316 case WLAN_CIPHER_SUITE_TKIP: 317 key->conf.iv_len = TKIP_IV_LEN; 318 key->conf.icv_len = TKIP_ICV_LEN; 319 if (seq) { 320 for (i = 0; i < NUM_RX_DATA_QUEUES; i++) { 321 key->u.tkip.rx[i].iv32 = 322 get_unaligned_le32(&seq[2]); 323 key->u.tkip.rx[i].iv16 = 324 get_unaligned_le16(seq); 325 } 326 } 327 break; 328 case WLAN_CIPHER_SUITE_CCMP: 329 key->conf.iv_len = CCMP_HDR_LEN; 330 key->conf.icv_len = CCMP_MIC_LEN; 331 if (seq) { 332 for (i = 0; i < NUM_RX_DATA_QUEUES + 1; i++) 333 for (j = 0; j < CCMP_PN_LEN; j++) 334 key->u.ccmp.rx_pn[i][j] = 335 seq[CCMP_PN_LEN - j - 1]; 336 } 337 /* 338 * Initialize AES key state here as an optimization so that 339 * it does not need to be initialized for every packet. 340 */ 341 key->u.ccmp.tfm = ieee80211_aes_key_setup_encrypt(key_data); 342 if (IS_ERR(key->u.ccmp.tfm)) { 343 err = PTR_ERR(key->u.ccmp.tfm); 344 kfree(key); 345 key = ERR_PTR(err); 346 } 347 break; 348 case WLAN_CIPHER_SUITE_AES_CMAC: 349 key->conf.iv_len = 0; 350 key->conf.icv_len = sizeof(struct ieee80211_mmie); 351 if (seq) 352 for (j = 0; j < 6; j++) 353 key->u.aes_cmac.rx_pn[j] = seq[6 - j - 1]; 354 /* 355 * Initialize AES key state here as an optimization so that 356 * it does not need to be initialized for every packet. 357 */ 358 key->u.aes_cmac.tfm = 359 ieee80211_aes_cmac_key_setup(key_data); 360 if (IS_ERR(key->u.aes_cmac.tfm)) { 361 err = PTR_ERR(key->u.aes_cmac.tfm); 362 kfree(key); 363 key = ERR_PTR(err); 364 } 365 break; 366 } 367 memcpy(key->conf.key, key_data, key_len); 368 INIT_LIST_HEAD(&key->list); 369 370 return key; 371} 372 373static void __ieee80211_key_destroy(struct ieee80211_key *key) 374{ 375 if (!key) 376 return; 377 378 if (key->local) 379 ieee80211_key_disable_hw_accel(key); 380 381 if (key->conf.cipher == WLAN_CIPHER_SUITE_CCMP) 382 ieee80211_aes_key_free(key->u.ccmp.tfm); 383 if (key->conf.cipher == WLAN_CIPHER_SUITE_AES_CMAC) 384 ieee80211_aes_cmac_key_free(key->u.aes_cmac.tfm); 385 if (key->local) 386 ieee80211_debugfs_key_remove(key); 387 388 kfree(key); 389} 390 391int ieee80211_key_link(struct ieee80211_key *key, 392 struct ieee80211_sub_if_data *sdata, 393 struct sta_info *sta) 394{ 395 struct ieee80211_key *old_key; 396 int idx, ret; 397 bool pairwise = key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE; 398 399 BUG_ON(!sdata); 400 BUG_ON(!key); 401 402 idx = key->conf.keyidx; 403 key->local = sdata->local; 404 key->sdata = sdata; 405 key->sta = sta; 406 407 if (sta) { 408 /* 409 * some hardware cannot handle TKIP with QoS, so 410 * we indicate whether QoS could be in use. 411 */ 412 if (test_sta_flags(sta, WLAN_STA_WME)) 413 key->conf.flags |= IEEE80211_KEY_FLAG_WMM_STA; 414 } else { 415 if (sdata->vif.type == NL80211_IFTYPE_STATION) { 416 struct sta_info *ap; 417 418 /* 419 * We're getting a sta pointer in, so must be under 420 * appropriate locking for sta_info_get(). 421 */ 422 423 /* same here, the AP could be using QoS */ 424 ap = sta_info_get(key->sdata, key->sdata->u.mgd.bssid); 425 if (ap) { 426 if (test_sta_flags(ap, WLAN_STA_WME)) 427 key->conf.flags |= 428 IEEE80211_KEY_FLAG_WMM_STA; 429 } 430 } 431 } 432 433 mutex_lock(&sdata->local->key_mtx); 434 435 if (sta && pairwise) 436 old_key = sta->ptk; 437 else if (sta) 438 old_key = sta->gtk[idx]; 439 else 440 old_key = sdata->keys[idx]; 441 442 __ieee80211_key_replace(sdata, sta, pairwise, old_key, key); 443 __ieee80211_key_destroy(old_key); 444 445 ieee80211_debugfs_key_add(key); 446 447 ret = ieee80211_key_enable_hw_accel(key); 448 449 mutex_unlock(&sdata->local->key_mtx); 450 451 return ret; 452} 453 454static void __ieee80211_key_free(struct ieee80211_key *key) 455{ 456 /* 457 * Replace key with nothingness if it was ever used. 458 */ 459 if (key->sdata) 460 __ieee80211_key_replace(key->sdata, key->sta, 461 key->conf.flags & IEEE80211_KEY_FLAG_PAIRWISE, 462 key, NULL); 463 __ieee80211_key_destroy(key); 464} 465 466void ieee80211_key_free(struct ieee80211_local *local, 467 struct ieee80211_key *key) 468{ 469 if (!key) 470 return; 471 472 mutex_lock(&local->key_mtx); 473 __ieee80211_key_free(key); 474 mutex_unlock(&local->key_mtx); 475} 476 477void ieee80211_enable_keys(struct ieee80211_sub_if_data *sdata) 478{ 479 struct ieee80211_key *key; 480 481 ASSERT_RTNL(); 482 483 if (WARN_ON(!ieee80211_sdata_running(sdata))) 484 return; 485 486 mutex_lock(&sdata->local->key_mtx); 487 488 list_for_each_entry(key, &sdata->key_list, list) 489 ieee80211_key_enable_hw_accel(key); 490 491 mutex_unlock(&sdata->local->key_mtx); 492} 493 494void ieee80211_disable_keys(struct ieee80211_sub_if_data *sdata) 495{ 496 struct ieee80211_key *key; 497 498 ASSERT_RTNL(); 499 500 mutex_lock(&sdata->local->key_mtx); 501 502 list_for_each_entry(key, &sdata->key_list, list) 503 ieee80211_key_disable_hw_accel(key); 504 505 mutex_unlock(&sdata->local->key_mtx); 506} 507 508void ieee80211_free_keys(struct ieee80211_sub_if_data *sdata) 509{ 510 struct ieee80211_key *key, *tmp; 511 512 mutex_lock(&sdata->local->key_mtx); 513 514 ieee80211_debugfs_key_remove_mgmt_default(sdata); 515 516 list_for_each_entry_safe(key, tmp, &sdata->key_list, list) 517 __ieee80211_key_free(key); 518 519 ieee80211_debugfs_key_update_default(sdata); 520 521 mutex_unlock(&sdata->local->key_mtx); 522} 523